This guide explains how to set up a Shig server as a systemd service and manage it using systemctl.
- A Linux-based server
- Root or sudo access
- Downloaded application. Please read the installation instructions: Install.
- Create Application Directory
sudo mkdir -p /opt/shig- Add Shig Server application and configuration in directory
/opt/shig/bin/shig_server/opt/shig/config.toml
Create group:
sudo groupadd shigCreate a system user for the application:
sudo useradd -r -g shig -d /opt/shig -s /bin/false shigExplanation:
- -r: Creates a system user.
- -g shig: Assigns the user to the appgroup group.
- -d /opt/shig: Sets /opt/shig as the user's home directory.
- -s /bin/false: Prevents the user from logging in.
Set ownership of the application directory:
sudo chown -R shig:shig /opt/shig
sudo chmod -R 750 /opt/shigNavigate to the systemd directory:
cd /etc/systemd/system/Create a new service file for your server:
sudo nano shig.serviceAdd the following content to the file (customize as needed):
[Unit]
Description=Shig server daemon
After=network.target
[Service]
Type=simple
User=shig
Group=shig
ExecStart=/opt/shig/bin/shig_server -c /opt/shig/config.toml
WorkingDirectory=/opt/shig
StandardOutput=syslog
StandardError=syslog
SyslogIdentifier=shig
Restart=always
[Install]
WantedBy=multi-user.targetSave and exit the file.
Reload the systemd daemon to recognize the new service:
sudo systemctl daemon-reloadEnable the service to start on boot:
sudo systemctl enable shig.serviceStart the service:
sudo systemctl start shig.serviceCheck the status of the service to ensure it's running:
sudo systemctl status shig.serviceThis guide provides step-by-step instructions to configure a Shig Server behind Nginx, secured with SSL certificates from Let's Encrypt.
Update your server packages:
sudo apt update && sudo apt upgrade -yInstall Nginx:
sudo apt install nginx -yInstall Certbot:
sudo apt install certbot python3-certbot-nginx -yRun Shig Server and ensure Shig Server is running on a specific port (e.g., http://localhost:8080) and test your Shig Server: Use curl or a browser to verify:
curl http://localhost:8080Create an Nginx configuration file:
sudo nano /etc/nginx/sites-available/shig-serviceAdd the following content to the file:
server {
listen 80;
server_name your-domain.com www.your-domain.com;
location / {
proxy_pass http://localhost:8080;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
}
Replace: your-domain.com with your actual domain name. http://localhost:8080 with the URL and port where your Shig Server is running.
Enable the configuration: Create a symbolic link to enable the site:
sudo ln -s /etc/nginx/sites-available/my-web-service /etc/nginx/sites-enabled/Test the Nginx configuration:
sudo nginx -tRestart Nginx:
sudo systemctl restart nginxRun Certbot to get SSL certificates:
sudo certbot --nginx -d your-domain.com -d www.your-domain.comFollow the prompts: Certbot will automatically configure Nginx for HTTPS.
Verify the certificates: After completion, your site should be accessible via https://your-domain.com.
Test automatic renewal: Certbot’s cron job should already be installed, but you can test it manually:
sudo certbot renew --dry-runCheck logs for renewal: Logs are available at /var/log/letsencrypt/.
Check Nginx logs:
sudo tail -f /var/log/nginx/access.log /var/log/nginx/error.logEnsure HTTPS is working: Open your domain in a browser and verify the SSL padlock in the address bar.
Optionally enable HTTP to HTTPS redirection: Edit your Nginx configuration:
server {
listen 80;
server_name your-domain.com www.your-domain.com;
return 301 https://$host$request_uri;
}
Restart Nginx to apply:
sudo systemctl restart nginx